blueman378

ah ill reupload it, phpfreaks had a mysql error on upload

i did... over and over and over and over and over and over and over and over and over and over and over and over and over again for several months and i cant find it, thats the only reason i posted here, cheers

all pages call this one page for the session start... which the include is right at the top of every page <? /** * Session.php * * The Session class is meant to simplify the task of keeping * track of logged in users and also guests. */ include("database.php"); include("mailer.php"); include("form.php"); class Session { var $username; //Username given on sign-up var $userid; //Random value generated on current login var $userlevel; //The level to which the user pertains var $time; //Time user was last active (page loaded) var $logged_in; //True if user is logged in, false otherwise var $userinfo = array(); //The array holding all user info var $url; //The page url current being viewed var $referrer; //Last recorded site page viewed /** * Note: referrer should really only be considered the actual * page referrer in process.php, any other time it may be * inaccurate. */ /* Class constructor */ function Session(){ $this->time = time(); $this->startSession(); } /** * startSession - Performs all the actions necessary to * initialize this session object. Tries to determine if the * the user has logged in already, and sets the variables * accordingly. Also takes advantage of this page load to * update the active visitors tables. */ function startSession(){ global $database; //The database connection session_start(); //Tell PHP to start the session /* Determine if user is logged in */ $this->logged_in = $this->checkLogin(); /** * Set guest value to users not logged in, and update * active guests table accordingly. */ if(!$this->logged_in){ $this->username = $_SESSION['username'] = GUEST_NAME; $this->userlevel = GUEST_LEVEL; $database->addActiveGuest($_SERVER['REMOTE_ADDR'], $this->time); } /* Update users last active timestamp */ else{ $database->addActiveUser($this->username, $this->time); } /* Remove inactive visitors from database */ $database->removeInactiveUsers(); $database->removeInactiveGuests(); /* Set referrer page */ if(isset($_SESSION['url'])){ $this->referrer = $_SESSION['url']; }else{ $this->referrer = "/"; } /* Set current url */ $this->url = $_SESSION['url'] = $_SERVER['PHP_SELF']; } /** * checkLogin - Checks if the user has already previously * logged in, and a session with the user has already been * established. Also checks to see if user has been remembered. * If so, the database is queried to make sure of the user's * authenticity. Returns true if the user has logged in. */ function checkLogin(){ global $database; //The database connection /* Check if user has been remembered */ if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookid'])){ $this->username = $_SESSION['username'] = $_COOKIE['cookname']; $this->userid = $_SESSION['userid'] = $_COOKIE['cookid']; } /* Username and userid have been set and not guest */ if(isset($_SESSION['username']) && isset($_SESSION['userid']) && $_SESSION['username'] != GUEST_NAME){ /* Confirm that username and userid are valid */ if($database->confirmUserID($_SESSION['username'], $_SESSION['userid']) != 0){ /* Variables are incorrect, user not logged in */ unset($_SESSION['username']); unset($_SESSION['userid']); return false; } /* User is logged in, set class variables */ $this->userinfo = $database->getUserInfo($_SESSION['username']); $this->username = $this->userinfo['username']; $this->userid = $this->userinfo['userid']; $this->userlevel = $this->userinfo['userlevel']; return true; } /* User not logged in */ else{ return false; } } /** * login - The user has submitted his username and password * through the login form, this function checks the authenticity * of that information in the database and creates the session. * Effectively logging in the user if all goes well. */ function login($subuser, $subpass, $subremember){ global $database, $form; //The database and form object /* Username error checking */ $field = "user"; //Use field name for username if(!$subuser || strlen($subuser = trim($subuser)) == 0){ $form->setError($field, "* Username not entered"); } else{ /* Check if username is not alphanumeric */ if(!eregi("^([0-9a-z])*$", $subuser)){ $form->setError($field, "* Username not alphanumeric"); } } /* Password error checking */ $field = "pass"; //Use field name for password if(!$subpass){ $form->setError($field, "* Password not entered"); } /* Return if form errors exist */ if($form->num_errors > 0){ return false; } /* Checks that username is in database and password is correct */ $subuser = stripslashes($subuser); $result = $database->confirmUserPass($subuser, md5($subpass)); /* Check error codes */ if($result == 1){ $field = "user"; $form->setError($field, "* Username not found"); } else if($result == 2){ $field = "pass"; $form->setError($field, "* Invalid password"); } /* Return if form errors exist */ if($form->num_errors > 0){ return false; } /* Username and password correct, register session variables */ $this->userinfo = $database->getUserInfo($subuser); $this->username = $_SESSION['username'] = $this->userinfo['username']; $this->userid = $_SESSION['userid'] = $this->generateRandID(); $this->userlevel = $this->userinfo['userlevel']; /* Insert userid into database and update active users table */ $database->updateUserField($this->username, "userid", $this->userid); $database->addActiveUser($this->username, $this->time); $database->removeActiveGuest($_SERVER['REMOTE_ADDR']); /** * This is the cool part: the user has requested that we remember that * he's logged in, so we set two cookies. One to hold his username, * and one to hold his random value userid. It expires by the time * specified in constants.php. Now, next time he comes to our site, we will * log him in automatically, but only if he didn't log out before he left. */ if($subremember){ setcookie("cookname", $this->username, time()+COOKIE_EXPIRE, COOKIE_PATH); setcookie("cookid", $this->userid, time()+COOKIE_EXPIRE, COOKIE_PATH); } /* Login completed successfully */ return true; } /** * logout - Gets called when the user wants to be logged out of the * website. It deletes any cookies that were stored on the users * computer as a result of him wanting to be remembered, and also * unsets session variables and demotes his user level to guest. */ function logout(){ global $database; //The database connection /** * Delete cookies - the time must be in the past, * so just negate what you added when creating the * cookie. */ if(isset($_COOKIE['cookname']) && isset($_COOKIE['cookid'])){ setcookie("cookname", "", time()-COOKIE_EXPIRE, COOKIE_PATH); setcookie("cookid", "", time()-COOKIE_EXPIRE, COOKIE_PATH); } /* Unset PHP session variables */ unset($_SESSION['username']); unset($_SESSION['userid']); /* Reflect fact that user has logged out */ $this->logged_in = false; /** * Remove from active users table and add to * active guests tables. */ $database->removeActiveUser($this->username); $database->addActiveGuest($_SERVER['REMOTE_ADDR'], $this->time); /* Set user level to guest */ $this->username = GUEST_NAME; $this->userlevel = GUEST_LEVEL; } /** * register - Gets called when the user has just submitted the * registration form. Determines if there were any errors with * the entry fields, if so, it records the errors and returns * 1. If no errors were found, it registers the new user and * returns 0. Returns 2 if registration failed. */ function register($subuser, $subpass, $subemail){ global $database, $form, $mailer; //The database, form and mailer object /* Username error checking */ $field = "user"; //Use field name for username if(!$subuser || strlen($subuser = trim($subuser)) == 0){ $form->setError($field, "* Username not entered"); } else{ /* Spruce up username, check length */ $subuser = stripslashes($subuser); if(strlen($subuser) < 5){ $form->setError($field, "* Username below 5 characters"); } else if(strlen($subuser) > 30){ $form->setError($field, "* Username above 30 characters"); } /* Check if username is not alphanumeric */ else if(!eregi("^([0-9a-z])+$", $subuser)){ $form->setError($field, "* Username not alphanumeric"); } /* Check if username is reserved */ else if(strcasecmp($subuser, GUEST_NAME) == 0){ $form->setError($field, "* Username reserved word"); } /* Check if username is already in use */ else if($database->usernameTaken($subuser)){ $form->setError($field, "* Username already in use"); } /* Check if username is banned */ else if($database->usernameBanned($subuser)){ $form->setError($field, "* Username banned"); } } /* Password error checking */ $field = "pass"; //Use field name for password if(!$subpass){ $form->setError($field, "* Password not entered"); } else{ /* Spruce up password and check length*/ $subpass = stripslashes($subpass); if(strlen($subpass) < 4){ $form->setError($field, "* Password too short"); } /* Check if password is not alphanumeric */ else if(!eregi("^([0-9a-z])+$", ($subpass = trim($subpass)))){ $form->setError($field, "* Password not alphanumeric"); } /** * Note: I trimmed the password only after I checked the length * because if you fill the password field up with spaces * it looks like a lot more characters than 4, so it looks * kind of stupid to report "password too short". */ } /* Email error checking */ $field = "email"; //Use field name for email if(!$subemail || strlen($subemail = trim($subemail)) == 0){ $form->setError($field, "* Email not entered"); } else{ /* Check if valid email address */ $regex = "^[_+a-z0-9-]+(\.[_+a-z0-9-]+)*" ."@[a-z0-9-]+(\.[a-z0-9-]{1,})*" ."\.([a-z]{2,}){1}$"; if(!eregi($regex,$subemail)){ $form->setError($field, "* Email invalid"); } $subemail = stripslashes($subemail); } /* Errors exist, have user correct them */ if($form->num_errors > 0){ return 1; //Errors with form } /* No errors, add the new account to the */ else{ if($database->addNewUser($subuser, md5($subpass), $subemail)){ if(EMAIL_WELCOME){ $mailer->sendWelcome($subuser,$subemail,$subpass); } return 0; //New user added succesfully }else{ return 2; //Registration attempt failed } } } /** * editAccount - Attempts to edit the user's account information * including the password, which it first makes sure is correct * if entered, if so and the new password is in the right * format, the change is made. All other fields are changed * automatically. */ function editAccount($subcurpass, $subnewpass, $subemail){ global $database, $form; //The database and form object /* New password entered */ if($subnewpass){ /* Current Password error checking */ $field = "curpass"; //Use field name for current password if(!$subcurpass){ $form->setError($field, "* Current Password not entered"); } else{ /* Check if password too short or is not alphanumeric */ $subcurpass = stripslashes($subcurpass); if(strlen($subcurpass) < 4 || !eregi("^([0-9a-z])+$", ($subcurpass = trim($subcurpass)))){ $form->setError($field, "* Current Password incorrect"); } /* Password entered is incorrect */ if($database->confirmUserPass($this->username,md5($subcurpass)) != 0){ $form->setError($field, "* Current Password incorrect"); } } /* New Password error checking */ $field = "newpass"; //Use field name for new password /* Spruce up password and check length*/ $subpass = stripslashes($subnewpass); if(strlen($subnewpass) < 4){ $form->setError($field, "* New Password too short"); } /* Check if password is not alphanumeric */ else if(!eregi("^([0-9a-z])+$", ($subnewpass = trim($subnewpass)))){ $form->setError($field, "* New Password not alphanumeric"); } } /* Change password attempted */ else if($subcurpass){ /* New Password error reporting */ $field = "newpass"; //Use field name for new password $form->setError($field, "* New Password not entered"); } /* Email error checking */ $field = "email"; //Use field name for email if($subemail && strlen($subemail = trim($subemail)) > 0){ /* Check if valid email address */ $regex = "^[_+a-z0-9-]+(\.[_+a-z0-9-]+)*" ."@[a-z0-9-]+(\.[a-z0-9-]{1,})*" ."\.([a-z]{2,}){1}$"; if(!eregi($regex,$subemail)){ $form->setError($field, "* Email invalid"); } $subemail = stripslashes($subemail); } /* Errors exist, have user correct them */ if($form->num_errors > 0){ return false; //Errors with form } /* Update password since there were no errors */ if($subcurpass && $subnewpass){ $database->updateUserField($this->username,"password",md5($subnewpass)); } /* Change Email */ if($subemail){ $database->updateUserField($this->username,"email",$subemail); } /* Success! */ return true; } /** * isAdmin - Returns true if currently logged in user is * an administrator, false otherwise. */ function isAdmin(){ return ($this->userlevel == ADMIN_LEVEL || $this->username == ADMIN_NAME); } /** * generateRandID - Generates a string made up of randomized * letters (lower and upper case) and digits and returns * the md5 hash of it to be used as a userid. */ function generateRandID(){ return md5($this->generateRandStr(16)); } /** * generateRandStr - Generates a string made up of randomized * letters (lower and upper case) and digits, the length * is a specified parameter. */ function generateRandStr($length){ $randstr = ""; for($i=0; $i<$length; $i++){ $randnum = mt_rand(0,61); if($randnum < 10){ $randstr .= chr($randnum+48); }else if($randnum < 36){ $randstr .= chr($randnum+55); }else{ $randstr .= chr($randnum+61); } } return $randstr; } }; /** * Initialize session object - This must be initialized before * the form object because the form uses session variables, * which cannot be accessed unless the session has started. */ $session = new Session; /* Initialize form object */ $form = new Form; ?> thanks, its strange because i only get the error sometimes if i add a include myself ( not the same file just random files) but if i add it through dreamweaver it works fine even though it looks exactly the same, any ideas?

hi guys, i have been trying to track this error for months and cant find it maybe some of you will have better luck, here is the error, Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at C:\wamp\www\showgame.php:1) in C:\wamp\www\include\session.php on line 43 and now for every pages source... the zips attached thanks for whoever finds this problem!!! if u need the db or anything just let me know [attachment deleted by admin]

chmod it so it cant be read, wrote, or executed,

thanks thats perfect..... now to track down these bloody header errors!!!!!

all i can say is... TOLD!, no sorry but he did tell u guys, its only possible with javascript, with php once the page is loaded you cant do anything with php

lol true, haha well ive been coding html sinse i was 11 and this year decided it is time to advance it from just html so php was the logical step, but thanks for all your help and a donation will be coming towards php freaks soon!

hmm lol u have been coding for longer than i have been breathing lol ( im 16)

hi guys. haha i must have started at least 10 posts on this forum, just in the last 10 days, well anyway i have this code (snippet) if ($_SERVER['REQUEST_METHOD'] != 'POST'){ echo "<b>1) Select the Game</b><br>"; //gameform global $database; $q = "SELECT gName FROM " . games . " ORDER BY `gName` ASC "; $result = $database->query($q) or die("Error: " . mysql_error()); /* Error occurred, return given name by default */ $num_rows = mysql_numrows($result); if( $num_rows == 0 ){ return 'Games not found!'; } ?> <select name="name"> <?php while( $row = mysql_fetch_assoc($result) ) { echo '<option value="' . $row['gName'] . '">'; echo $row[gName] . '</option>'; } ?> </select> <br> <br> <?php //game form end echo "<b>1) Select the Thumb</b><br>"; //gameform global $database; $q = "SELECT * FROM " . games . " ORDER BY `gName` ASC "; $result = $database->query($q) or die("Error: " . mysql_error()); /* Error occurred, return given name by default */ $num_rows = mysql_numrows($result); if( $num_rows == 0 ){ return 'Thumbs not found!'; } ?> <select name="thumb"> <?php while( $row = mysql_fetch_assoc($result) ) { echo '<option value="' . $row['gThumb'] . '">'; echo $row[gName] . '</option>'; } ?> </select> <br> <br> <?php //game form end echo "<INPUT type='reset' name='reset' value='Reset!'> "; echo "<INPUT type='submit' name='uninstall' value='uninstall!'></center>"; echo "</form>"; echo "<br><br>"; } else{ $name = $_POST["name"]; $thumb = $_POST["thumb"]; echo "<b>Game Name: </b>"; echo "$name"; echo "<br><br>"; echo "<b>Uninstalled</b>"; echo "<br><br>"; rename("../thumbs_ins/$thumb", "../thumbs_uins/$thumb"); rename("../games_ins/$name", "../games_uins/$name"); mysql_query("DELETE FROM ".games." WHERE gName='$name' AND gThumb='$thumb' ") or die("Your have an error because:<br />" . mysql_error()); echo "1 game uninstalled"; } ?> basically the code gets some info from the database ( its a game delete form) and fills some drop down boxes the user is then asked to select then game name, and the thumbfile ( both using the game name as 1.png makes it a bit hard) and then it moves the files to the uninstalled directory, and IF both the thumb file and game name are the same it deletes it from the database, now what i am wanting is a simple if statement to be implemented so that the files are moved ONLY IF both drop down boxes are in the same column in the database, simple enough? thanks people, xmas time is coming, so is a prezzy card ( prepaid credit card) so so is a donation

yeah, i worked that out after a while... thats what happens when you try to combine 2 completely separate scripts, jsut as a matter of interest, how long have you been coding?

i know it might seem stupid but come people do do it but are you entering a invalid email?

hi guys im having a few probs with this: mysql_query"DELETE FROM ".games." WHERE gName='$name' AND gThumb='$thumb' ") basically its the ".games." part, error: Parse error: syntax error, unexpected T_CONSTANT_ENCAPSED_STRING in C:\wamp\www\admin\gameuninstaller.php on line 154 thanks

mwahahha that worked perfectly thanks

um wouldnt the person then have to keep logging in when they move to a different page on your site?

hi there, i tried using this <?php include("include/session.php"); $key = $_POST['key']; global $database; $q = "SELECT * FROM " . Games . " WHERE keyword LIKE '$key' ORDER BY `gName` ASC "; $result = $database->query($q) or die("Error: " . mysql_error()); /* Error occurred, return given name by default */ $num_rows = mysql_numrows($result); if( $num_rows == 0 ){ return 'Game Not Found!'; } while( $row = mysql_fetch_assoc($result) ) { echo $row[gName]; } ?> but i just get a blank page no errors or anything, and when i change the keyword to one that does not exist i get nothing the url is localhost.php?key=Space when i use <?php include("include/session.php"); echo "<pre>"; print_r($_GET); die("</pre>"); $key = $_POST['key']; global $database; $q = "SELECT * FROM " . Games . " WHERE keyword LIKE '$key' ORDER BY `gName` ASC "; $result = $database->query($q) or die("Error: " . mysql_error()); /* Error occurred, return given name by default */ $num_rows = mysql_numrows($result); if( $num_rows == 0 ){ return 'Game Not Found!'; } while( $row = mysql_fetch_assoc($result) ) { echo $row[gName]; } ?> i get Array ( [key] => Space ) when i use: <?php include("include/session.php"); $key = $_POST['key']; global $database; $q = "SELECT * FROM " . Games . " WHERE keyword LIKE '$key' ORDER BY `gName` ASC "; $result = $database->query($q) or die("Error: " . mysql_error()); /* Error occurred, return given name by default */ die("SQL:<br>$q"); $num_rows = mysql_numrows($result); if( $num_rows == 0 ){ return 'Game Not Found!'; } while( $row = mysql_fetch_assoc($result) ) { echo $row[gName]; } ?> i get SQL: SELECT * FROM Games WHERE keyword LIKE '' ORDER BY `gName` ASC

also mate, you might want to load your results into an array, that will make it easier as you dont need to call each result seperatly, cheers

hi there, i have a table called games. it has things like the file link, the name ect, it also has a column called keywords, i was wondering is it possible to count each word in that column as a seperate result, eg with mysql if you search keywords and your word is mouse, it searches all the games and if the word mouse is in the keyword column for that game then that result is shown, cheers matt

ah thanksmate thats brilliant. cheers

hmm my bad, i guess i should have checked first, its cause i had no idea that there was a OR in mysql, so i kinda put that together as i example, but it should work? haha cool, well i guess ill use this thread to ask my second question, i have a search form which is a simple form, <form name="search"> <input type="text" name="searchf"> <input type="submit" value="Search!"> </form> what im looking for is a script which splits the words based on the space, it thencounts how many words there are and assigns them each a variable name "$search1" "$search2" ect, i then need a small script which will check to see how many variables there are and will do what is listed above, adding as many ors as needed. and one small modification to what i wanted before i actually wanted AND not OR, or if possible a AND/OR it searches based on priority, so the results which match the AND come above the OR im assuming you would use explode on the " " character or something like that? thanks

hi guys im trying to build a game search engine so i need a script which is something like mysql_query("SELECT * FROM games ORDER BY gName WHERE gName='$search1' OR gName='$search2' OR gname='$search3'"); thanks

could you not use a script which checks to see if the users referrer is on your domain, if not it runs the logout script? just a idea

ah thanks guys, PHP_PhREEEk's one worked perfectly, rajivgonsalves's one half worked... <form name="cats" action="cats.php"> <select> <option value='Action / Adventure'>{row['cName']}</option> <option value='Beat em up'>{row['cName']}</option> <option value='Other'>{row['cName']}</option> <option value='Puzzle'>{row['cName']}</option> <option value='Racing'>{row['cName']}</option> <option value='Retro'>{row['cName']}</option> <option value='Shoot em up'>{row['cName']}</option> <option value='Sports'>{row['cName']}</option> </select> </form> but its all good thanks peoples hey PHP_PhREEEK how long do u spend on here a day? cheers

hi guys (and PHP_PhREEEk who is the man) i am trying to get some information from a database and write it to a drop down box, heres the code im using, <?php include("include/session.php"); global $database; $q = "SELECT cName FROM " . gsubcat . " ORDER BY `cName` ASC "; $result = $database->query($q) or die("Error: " . mysql_error()); /* Error occurred, return given name by default */ $num_rows = mysql_numrows($result); if( $num_rows == 0 ){ return 'Cats not found!'; } ?> <form name="cats" action="cats.php"> <select> <?php while( $row = mysql_fetch_assoc($result) ) { echo '<option value="$row[cName];"> echo $row[cName];</option>'; } ?> </select> </form> and heres the result <form name="cats" action="cats.php"> <select> <option value="$row[cName];">echo $row[cName];</option> <option value="$row[cName];">echo $row[cName];</option> <option value="$row[cName];">echo $row[cName];</option> <option value="$row[cName];">echo $row[cName];</option> <option value="$row[cName];">echo $row[cName];</option> <option value="$row[cName];">echo $row[cName];</option> <option value="$row[cName];">echo $row[cName];</option> <option value="$row[cName];">echo $row[cName];</option> </select> </form> obviously not the desired result, i know it is getting the information from the database ok because the amount of options = the information in the database, so any1 help? cheers

haha true, thanks man you are awesome!!!